Banks should act now to audit their disclosure processes, establish clear data lineage, and ensure their reporting platforms are fit for a digital-first, regulator-visible environment.
Resolution Planning: Raising the bar on operational resilience
The Single Resolution Board (SRB), EBA, and other resolution authorities are increasing expectations for operational readiness. Banks will need to demonstrate their ability to execute resolution strategies, including liquidity in resolution, and alignment with MREL/TLAC. The EBA aims to harmonize data collection across the EU, avoid duplicate reporting, and strengthen supervisory assessments. With the March 31, 2025, deadline for submitting organizational structure and liability data behind them, banks now need to review their data processes to ensure alignment with upcoming reporting requirements and supervisory expectations. Further, the EBA is broadening the range of entities for data collection by lowering the Relevant Legal Entity threshold.
Key date:
- December 31, 2025: First reference date for expanded resolution planning data
Resolution planning brings significant data governance challenges, particularly around centralizing and reconciling data across regulatory capital and stress-testing frameworks. Banks should evaluate whether their current systems and controls are sufficient to meet supervisory expectations and reduce duplication.
This period presents a timely opportunity to revisit and test assumptions, controls, and data lineage processes developed under CRR3.
Instant Payments Regulation: Timeline extended, expectations firm
The EBA’s final draft Implementing Technical Standards (ITS) for the Instant Payments Regulation (IPR) introduces harmonized reporting requirements for fees, availability, and rejection rates. The regulation applies to all payment service providers (PSPs), including banks, e-money, and payment institutions, and requires banks to report not just raw volumes but also reasons for rejections, fraud analytics, and fees charged compared to SEPA Credit Transfers.
Key date:
- Start delayed from April 2025 to April 2026
PSPs will need reliable reporting logic, exception tracking, and controls to manage reputational and regulatory risk.
Global Watch: What’s emerging across the UK, APAC, and the Americas
U.K.: The Prudential Regulation Authority (PRA) has introduced a new indicative threshold of £300 million in total retail and small business instant access deposits. International banks exceeding this are now generally expected to operate in the UK as subsidiaries rather than branches, part of a broader move to give UK regulators increased visibility and influence. Additionally, new conduct standards are being applied to Buy Now, Pay Later (BNPL) lenders, bringing them under the Financial Conduct Authority’s (FCA) regulatory scope.
U.S.: While political momentum leans toward regulatory simplification, key initiatives remain in motion. Regulators continue to discuss the Basel III Endgame proposals, though revised capital requirements and a slower timeline reflect growing pressure from industry stakeholders and political figures. At the same time, the FDIC has updated its approach to resolution planning for large banks, focusing more narrowly on the operational data needed for short-notice interventions. These developments underscore how resilience and supervisory clarity remain priorities, even amid broader deregulatory currents.
APAC: While no major regulatory developments are currently in force across the region, change is expected. Singapore’s MAS is advancing pilots tied to risk-based supervision and digital transformation. In Hong Kong, the HKMA is preparing to scale its climate stress testing and disclosure regimes for larger banks.
Each development reinforces a global pattern: the shift from manual, retrospective reporting to forward-looking, digital regulatory compliance.
What should banks do now?
The next wave of regulatory obligations demands a coordinated, proactive approach. Banks should treat this period as a strategic window to get ahead of overlapping regulatory frameworks. We recommend five best practices to ensure readiness, minimize reporting friction, and build a future-ready compliance technology infrastructure:
- Conduct a cross-functional gap analysis across Pillar 3, resolution, and instant payments reporting requirements
- Map and harmonize data sources to ensure alignment across existing regulatory reporting (COREP, FINREP, MREL) and new requirements
- Leverage CRR 3 learnings to test assumptions, controls, and data lineage processes
- Engage early with your technology partner to avoid downstream implementation risks
- Begin parallel testing early to minimize implementation risk
Shaping the future regulatory responses
For banks, the regulatory burden isn’t just a compliance issue; it presents an opportunity for longer-term regulatory alignment. Those who invest now in integrated data architecture, scalable technology such as OneSumX for Finance, Risk and Regulatory Reporting, and an aligned governance framework will not only reduce operational risk but also position themselves as trusted, transparent players in a world of increasing regulatory scrutiny.
Whether it’s Europe’s Pillar 3, the U.S. Endgame, or APAC’s digital reporting ambitions, the message is clear: the future of regulation is converging on proactive, data-driven readiness.
